SAML X509 public certificate

Hello

SAML noob here. As per the guide here: Understanding SAML | Okta Developer, an SP would need to store the public certificate to validate the signature. Would this certificate change for each customer in Okta or would we only ever have one public certificate for Okta as an IDP.

Thanks

Okta uses unique signing credentials per-tenant. You can’t trust a single certificate for all Okta customers. This is pretty common configuration for multi-tenant IdPs like Okta.

Thanks for the response. That’s what I assumed as well but wanted to confirm it. :+1:

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.